Microsoft vulnerability: Source code published for three zero-day vulnerabilities in Windows
Background A security researcher (with the pseudonym SandboxEscaper) has discovered three zero-day vulnerabilities in Microsoft Windows. Their POC and source code have been released on GitHub. Two of these are local privilege escalation (LPE) vulnerabilities. They have been tested to work on Windows 10 only. The third vulnerability is a ... Read More
DarkCloud Bootkit
In an earlier blog about crypto-malware, we described different techniques used by cybercriminals, such as cryptomining and wallet stealing. In this blog, we will provide a technical analysis of yet another type of cryptominer malware using a bootkit and other kernel-level shellcode for persistence. Installation The installer is responsible for ... Read More
